Date: Wed, 09 Jul 2008 11:23:56 -0700 From: Xin LI <delphij@delphij.net> To: Dennis Yusupoff <denissia@mail.ru> Cc: ports@FreeBSD.org, DougB@FreeBSD.org Subject: Re: Critical vulnerability patch need in BINDx ports Message-ID: <4875023C.6030109@delphij.net> In-Reply-To: <1471888212.20080709162207@mail.ru> References: <1471888212.20080709162207@mail.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dennis Yusupoff wrote: | Hello, Doug. | | I hope, you've already seen patch for BINDx, that close critical | vulnerability. | Could you register it in your FreeBSD-port(s)? | | http://www.isc.org/index.pl?/sw/bind/index.php | === | Index: inet_network.c | diff -u inet_network.c:1.5 inet_network.c:1.6 | --- inet_network.c:1.5 Wed Apr 27 04:56:21 2005 | +++ inet_network.c Tue Jan 15 04:02:01 2008 | @@ -84,9 +84,9 @@ | } | if (!digit) | return (INADDR_NONE); | + if (pp >= parts + 4 || val > 0xffU) | + return (INADDR_NONE); | if (*cp == '.') { | - if (pp >= parts + 4 || val > 0xffU) | - return (INADDR_NONE); | *pp++ = val, cp++; | goto again; | } | === This is for BIND8... Cheers, - -- Xin LI <delphij@delphij.net> http://www.delphij.net/ FreeBSD - The Power to Serve! -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (FreeBSD) iEYEARECAAYFAkh1AjwACgkQi+vbBBjt66DO/ACdEbCx9pp4B1E7nro1VcWSNAo0 vvcAmQGZY2t86DQfaFfwNxCA8q0RGBsF =X3pp -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4875023C.6030109>